Cybersecurity Update, 21.03.2014.

Americas-government

President Barack Obama asked the Department of Defense last June to perform a cyberattack, according to the nonprofit organization Federation of American Scientists (FAS).

The U.S. Air Force declassified a 15-page policy directive (PDF) last week, containing a single sentence that the FAS believes is enough to prove Obama ordered the military to carry out an aggressive operation in cyberspace, though further details are still classified.

Hackers brought down several public NATO websites, the alliance said on Sunday, in what appeared to be the latest escalation in cyberspace over growing tensions over Crimea.

The Western military alliance’s spokeswoman, Oana Lungescu, said on social networking site Twitter that cyber attacks, which began on Saturday evening, continued on Sunday, although most services had now been restored.

“It doesn’t impede our ability to command and control our forces. At no time was there any risk to our classified networks,” another NATO official said.

International criminal enterprises follow the money, and a report being released Thursday says they are increasingly focusing on California because of its wealth and innovation.

Aside from long-time trafficking in drugs, guns and people, the report by California Attorney General Kamala Harris says criminals are turning to cybercrime to target businesses and financial institutions.

It calls California the top target in the U.S. for organizations that often operate from safe havens in Eastern Europe, Africa and China.

Nearly two weeks after state Auditor Adam Edelen accused Senate Republican leaders of playing politics with a cyber security bill he endorses, the measure was placed on the chamber’s consent agenda after a unanimous committee vote Monday.

The Senate version of House Bill 5 would require state agencies, local governments and contractors to develop and maintain security and investigation protocols to mitigate electronic security breaches involving confidential information held by those agencies, such as Social Security numbers, said Sen. Joe Bowen, chairman of the Senate State and Local Government Committee.

Arguments for boosting US cyber spending over the past couple of years have largely begun with the need to greatly improve the resilience of government networks and ended with a call to grow the cyber force.

But as a new cyber chief awaits confirmation, the discussion has shifted toward how cyber can be part of larger operational planning and how its capabilities might be used to deter aggressive acts.

After claiming that the U.S. intends to unleash cyber warfare on Syria, the Syrian Electronic Army tweeted “proof” that it breached U.S. Central Command systems in response to “Obama’s decision to attack Syria with electronic warfare.” A few weeks ago, SEA tweeted cyberattack threats to topple CENTCOM like a “house of cards” if the U.S. launched cyberattacks on Syria. Then on Friday, SEA tweeted:

The next tweet was: “This is part of an on-going operation and we have already successfully penetrated many central repositories.” It contained a screenshot that allegedly proves SEA gained access to Army Knowledge Online (AKO) servers.

Americas-Private Sector

The issue of terror attack against critical infrastructure. Although these events are by all accounts fairly rare, the attack against Statoil’s natural gas facility at In Amenas, Algeria by the Al Qaeda in the Maghreb organization indicates that terror groups see value in attacking energy targets. As a side note, Statoil’s report on the Amenas attack is a fine case study on a terror event and a vital read for those who must consider security issues in the energy industry.

The matter that Ijeoma, Morgan and I considered is to what degree a cyber attack against energy targets might be a concern. The topic of cyber attack against critical infrastructure has unfortunately moved from a hypothetical to a reality in my academic career. Because of Stuxnet, which allegedly had a significant impact upon centrifuges employed in the Iranian nuclear enrichment program, we now have evidence that computers can be manipulated in a way to produce damage of physical plant and hardware. We are contending with the fact that computers can be hijacked and instructed to break things, a topic more out of science fiction.

A cyber attack happens every 1.5 seconds, according to the FireEye Advanced Threat Report 2013. The study also found that Java was a prime target early in the year, while zero-day attacks focusing on Internet Explorer increased significantly during the latter part of 2013.

According to a FierceCIO article, the results of the FireEye report show the growing threat created by malware infections worldwide. “FireEye found malware attack servers and command and control (CnC) infrastructure in 206 countries and territories in 2013, up from 184 in 2012,” wrote the article’s author Jeff Goldman. More attack servers mean a greater volume of malware being pushed at networks.

A longtime staple of information technology training, cyber security has become a mainstream interest. Edward Snowden’s big reveal last year about the National Security Agency as well as the criminal breach into Target’s (TGT) credit and debit card system show that cyber protection is needed now more than ever.

Every Ivy League school — as well as high performing institutes like Stanford and Carnegie Mellon — offers a computer security program and has done so for a while. But as educational programs become more varied, so do the job prospects.

Thursday, the chair of the President’s Task Force on Cybersecurity sent a letter to University of Maryland officials notifying them of a “cyber-intrusion” this past weekend. According to the official, the FBI determined that there was “no public release of any information and no damage to the institution, except for the release of personal data of one senior University official…”

Investors cringe when a company they own, such as Target (TGT) or Las Vegas Sands (LVS), suffers a cyber breach that results in the loss of customer or employee data.

The cost of a high-profile breach can be in the tens or hundreds of millions of dollars due to lost business, disrupted services and compensating potential identity theft victims.

But sophisticated companies are increasingly balancing the rising risk of a pricey cyber event by acquiring cyber security insurance from the likes of AIG (AIG) and Chubb (CB). Cyber coverage can mitigate the costs of everything from hiring forensic investigators and high-priced lawyers to shelling out ransoms to cyber extortionists.

International

Japan faced a full-on cyber attack across government departments on Tuesday in a drill aimed at bolstering national security as the country gears up to host the 2020 Olympics.

Japan is following the lead of Britain, which invited ethical hackers to test its computer systems in the run up to the 2012 London Olympics. In the event, London parried multiple cyber attacks.

Some 50 cyber defense specialists gathered at an emergency response center in Tokyo, with at least three times that many offsite, to defend against a simulated attack across 21 state ministries and agencies and 10 industry associations, said Ikuo Misumi, a hacking expert at Japan’s state-run National Information Security Center.

A group of events in the past few weeks signal that Russia, China and Iran are entering a new phase in their cyber warfare capabilities, a trend that could spill over into the Israeli- Iranian conflict.

News reports on last Monday gave more detailed accounts of the limited cyber warfare operations that Russia has reportedly been conducting against Ukraine since its incursion into Crimea.

The Ministry of Defence is developing a secret, multimillion-pound research programme into the future of cyberwarfare, including how emerging technologies such as social media and psychological techniques can be harnessed by the military to influence people’s beliefs.

Programmes ranging from studies into the role of online avatars to research drawing on psychological theories and the impact of live video-sharing are being funded by the MoD in partnership with arms companies, academics, marketing experts and thinktanks.

As high-level international talks in Vienna over Iran’s nuclear program edged closer to a deal last fall, something curious happened – massive cyber-attacks that had hammered Wall Street bank websites repeatedly for about a year slowed to a near stop.

While banking industry officials were relieved, others wondered why those Iran-linked “distributed denial of service” attacks that had so regularly flooded bank websites with bogus Internet traffic were shut off like a faucet. One likely reason, say US experts on cyber-conflict: to reduce friction, at least temporarily, at the Vienna nuclear talks